Authentication

The Beaconed API uses JWT bearer tokens for authentication. Include your API key in the Authorization header of every request.

Bearer token

All API requests must include your key in the Authorization header:

Authorization header

Authorization: Bearer YOUR_API_KEY

Requests without a valid token receive a 401 Unauthorized response. Requests with a valid token but insufficient permissions receive 403 Forbidden.

API key management

API keys are created in your account settings. Each key:

Is shown only once at creation — store it immediately
Is stored as a SHA-256 digest — we cannot retrieve it for you
Has an 8-character key_prefix for identification
Is scoped to a single account

If you lose your API key, revoke it and create a new one. There is no way to recover a lost key.

Example request

Authenticated request

GET /v1/settings

curl https://beaconed.ai/api/v1/settings \
  -H "Authorization: Bearer bea_k1a2b3c4..."

require "net/http"

uri = URI("https://beaconed.ai/api/v1/settings")
req = Net::HTTP::Get.new(uri)
req["Authorization"] = "Bearer bea_k1a2b3c4..."

response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: true) { |http| http.request(req) }

const response = await fetch("https://beaconed.ai/api/v1/settings", {
  headers: { "Authorization": "Bearer bea_k1a2b3c4..." }
});